Site navigation

Explore IT@IU

In Unix, what are the sudo and su commands?

The Unix commands sudo and su
allow access to other commands as a different user.

The sudo command

The sudo command stands for "superuser do". It prompts
you for your personal password and confirms your request to execute a
command by checking a file, called sudoers, which the
system administrator configures. Using the sudoers file,
system administrators can give certain users or groups access to some
or all commands without those users having to know the
root password. It also logs all commands and arguments so
there is a record of who used it for what, and when.

The su command

The su command stands for "switch user", and allows you
to become another user. To use the su command on a
per-command basis, enter:

su user -c command

Replace user with the name of the account which you'd
like to run the command as, and command with the command
you need to run as another user. To switch users before running many
commands, enter:

su user

Replace user with the name of the account which you'd
like to run the commands as.

The user feature is optional; if you don't provide a
user, the su command defaults to the root
account, which in Unix is the system administrator account. In either
case, you'll be prompted for the password associated with the account
for which you're trying to run the command. If you supply a user, you
will be logged in as that account until you exit it. To do so, press
Ctrl-d or type exit at the command prompt.

Using su creates security hazards, is potentially
dangerous, and requires more administrative maintenance. It's not good
practice to have numerous people knowing and using the
root password because when logged in as
root, you can do anything to the system. This could
provide too much power for inexperienced users, who could
unintentionally damage the system. Additionally, each time a user
should no longer use the root account (e.g., an employee
leaves), the system administrator will have to change the
root password.